Fault diagnosis method and apparatus thereof

ABSTRACT

Various embodiments provide a fault diagnosis method and an apparatus. In those embodiments, a centralized management apparatus receives a first packet from a first network device by using a first IGP monitoring protocol session, where the first packet includes a first message sent by the first network device to a second network device. The centralized management apparatus receives a second packet from the second network device through a second IGP monitoring protocol session, where the second packet includes a second message sent by the second network device to the first network device. The centralized management apparatus performs fault diagnosis based on the first packet and the second packet.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.17/013,837 filed on Sep. 7, 2020, which is a continuation ofInternational Application No. PCT/CN2019/077017 filed on Mar. 5, 2019,which claims priority to Chinese Patent Application No. 201810198167.1,filed on Mar. 9, 2018. All of the aforementioned patent applications arehereby incorporated by reference in their entireties.

TECHNICAL FIELD

Various embodiments relate to the field of communications technologies,and in particular, to a fault diagnosis method and an apparatus thereof.

BACKGROUND

The Internal Gateway Protocol (IGP) is a protocol used to exchange dataflow forwarding channel information between gateways in an autonomoussystem (for example, an autonomous system in a local community). In theInternet Protocol (IP) or another network protocol, the channelinformation is usually used to determine how to transmit a data flow.The gateway may be a host or a router. IGP may include the RoutingInformation Protocol (RIP), the open shortest path first (OSPF)protocol, the intermediate system to intermediate system (IS-IS)protocol, and the like.

In a network using IGP, a fault such as a failure of establishing aconnection between a router 1 and a router 2 or a failure of routelearning may occur. The router 1 and the router 2 are neighbors to eachother in the network. Currently, a manual fault diagnosis method is usedto determine a fault. To be specific, an administrator enters a commandline on each router in a network to query IGP state information andneighbor state information, so as to determine that the network isfaulty. This manual fault diagnosis method depends on judgment of theadministrator, and therefore a relatively long time is consumed.Frequent queries affect normal working efficiency of the router or evencause the router to break down.

SUMMARY

To resolve a technical problem, various embodiments provide a faultdiagnosis method and an apparatus thereof, so that disadvantages of amanual fault diagnosis method can be overcome, a time consumed for faultdiagnosis can be shortened, and impact on normal working efficiency of anetwork device can be reduced.

A first aspect of the various embodiments provides a fault diagnosismethod, including:

receiving, by a centralized management apparatus, a first packet from afirst network device by using a first IGP monitoring protocol session,where the first packet includes a first message sent by the firstnetwork device to a second network device; receiving, by the centralizedmanagement apparatus, a second packet from the second network device byusing a second IGP monitoring protocol session, where the second packetincludes a second message sent by the second network device to the firstnetwork device, and a message type of the second message is the same asthat of the first message; and performing, by the centralized managementapparatus, fault diagnosis based on the first packet and the secondpacket.

According to the first aspect, the centralized management apparatusreceives the first packet from the first network device and the secondpacket from the second network device by using the IGP monitoringprotocol sessions, and performs fault diagnosis based on the firstpacket and the second packet, so that the centralized managementapparatus performs fault diagnosis, to shorten a time consumed for faultdiagnosis, and reduce impact on normal working efficiency of the networkdevice.

The first network device and the second network device are used asexamples. The centralized management apparatus may actually performfault diagnosis based on a packet sent by each of a plurality of networkdevices.

With reference to the first aspect, in one example implementation, thefirst message and the second message are messages of a same type, to bespecific, both are neighbor discovery messages, both are link statedatabase information, both are other messages, or the like. Because thefirst message and the second message are the messages of the same type,protocol message types of the first packet and the second packet are thesame, so that the centralized management apparatus detects whether thefirst packet and the second packet meet a packet rule. It may beunderstood that the centralized management apparatus performs faultdiagnosis only when the protocol message types of the first packet andthe second packet are the same.

With reference to the first aspect, in one example implementation, thecentralized management apparatus performs fault diagnosis when the firstpacket and the second packet do not meet a packet rule, so that thecentralized management apparatus can determine a fault. The fault may bea fault on the first network device, may be a fault on the secondnetwork device, may be a fault on a connection between the first networkdevice and the second network device, in other words, the connectionbetween the first network device and the second network device cannot beestablished, may be a route learning fault, in other words, routelearning of the first network device or the second network device fails,or the like.

With reference to the first aspect, in one example implementation, whenthe first message and the second message are neighbor discoverymessages, the packet rule is an IGP connection establishment rule. Theneighbor discovery message includes at least one of an authenticationmanner, a system identifier, an intermediate system to intermediatesystem IS-IS level, and a maximum transmission unit value. The IGPconnection establishment rule includes a rule that authenticationmanners at two ends of a link need to be matched, a rule that systemidentifiers at the two ends of the link need to be different, a rulethat IS-IS levels at the two ends of the link need to be matched, and arule that maximum transmission unit values at the two ends of the linkneed to be the same. The centralized management apparatus detectswhether at least one of a pair of authentication manners, a pair ofsystem identifiers, a pair of IS-IS levels, and a pair of maximumtransmission unit values of the first network device and the secondnetwork device meets the IGP connection establishment rule; and when theat least one of a pair of authentication manners, a pair of systemidentifiers, a pair of IS-IS levels, and a pair of maximum transmissionunit values of the first router and the second network device does notmeet the IGP connection establishment rule, determines that the firstpacket and the second packet do not meet the packet rule. Thecentralized management apparatus may determine that there is a faultthat a connection between the first network device and the secondnetwork device cannot be established. To be specific, when the firstmessage and the second message are the neighbor discovery messages, andthe first packet and the second packet do not meet the packet rule, thecentralized management apparatus may determine a fault type throughdiagnosis, namely, the fault that the connection between the firstnetwork device and the second network device cannot be established.

With reference to the first aspect, in one example implementation, whenthe first message carries an authentication manner of the first networkdevice, and the second message carries an authentication manner of thesecond network device, the IGP connection establishment rule is that theauthentication manners at the two ends of the link need to be the same.The authentication manner is an interface authentication manner. Thecentralized management apparatus detects whether the authenticationmanner of the first network device matches the authentication manner ofthe second network device. If the authentication manner of the firstnetwork device does not match the authentication manner of the secondnetwork device, the centralized management apparatus may determine thatthe first packet and the second packet do not meet the packet rule.

In this implementation, the centralized management apparatus may furtherdetermine that a fault cause is that the authentication manner of thefirst network device does not match the authentication manner of thesecond network device. Therefore, an administrator adjusts theauthentication manner of the first network device or the second networkdevice, so that the authentication manner of the first network devicematches the authentication manner of the second network device, to meetthe IGP connection establishment rule, and help establish the connectionbetween the first network device and the second network device.

With reference to the first aspect, in one example implementation, whenthe first message carries a system identifier of the first networkdevice, and the second message carries a system identifier of the secondnetwork device, the IGP connection establishment rule is that the systemidentifiers at the two ends of the link need to be different. Thecentralized management apparatus detects whether the system identifierof the first network device is the same as the system identifier of thesecond network device. If the system identifier of the first networkdevice is the same as the system identifier of the second networkdevice, the centralized management apparatus may determine that thefirst packet and the second packet do not meet the packet rule.

In this implementation, the centralized management apparatus may furtherdetermine that a fault cause is that the system identifier of the firstnetwork device is the same as the system identifier of the secondnetwork device. Therefore, an administrator adjusts the systemidentifier of the first network device or the second network device, sothat the system identifier of the first network device is different fromthe system identifier of the second network device, to meet the IGPconnection establishment rule, and help establish the connection betweenthe first network device and the second network device.

With reference to the first aspect, in one example implementation, whenthe first message carries an IS-IS level of the first network device,and the second message carries an IS-IS level of the second networkdevice, the IGP connection establishment rule is that the IS-IS levelsat the two ends of the link need to be matched. The centralizedmanagement apparatus detects whether the IS-IS level of the firstnetwork device matches the IS-IS level of the second network device. Ifthe IS-IS level of the first network device does not match the IS-ISlevel of the second network device, the centralized management apparatusmay determine that the first packet and the second packet do not meetthe packet rule.

In this implementation, the centralized management apparatus may furtherdetermine that a fault cause is that the IS-IS level of the firstnetwork device does not match the IS-IS level of the second networkdevice. Therefore, an administrator adjusts the IS-IS level of the firstnetwork device or the second network device, so that the IS-IS level ofthe first network device matches the IS-IS level of the second networkdevice, to meet the IGP connection establishment rule, and helpestablish the connection between the first network device and the secondnetwork device.

With reference to the first aspect, in one example implementation, whenthe first message carries a maximum transmission unit value of the firstnetwork device, and the second message carries a maximum transmissionunit value of the second network device, the IGP connectionestablishment rule is that the maximum transmission unit values at thetwo ends of the link need to be the same. The centralized managementapparatus detects whether the maximum transmission unit value of thefirst network device is the same as the maximum transmission unit valueof the second network device. If the maximum transmission unit value ofthe first network device is different from the maximum transmission unitvalue of the second network device, the centralized management apparatusmay determine that the first packet and the second packet do not meetthe packet rule.

In this implementation, the centralized management apparatus may furtherdetermine that a fault cause is that the maximum transmission unit valueof the first network device is different from the maximum transmissionunit value of the second network device. Therefore, an administratoradjusts the maximum transmission unit value of the first network deviceor the second network device, so that the maximum transmission unitvalue of the first network device is the same as the maximumtransmission unit value of the second network device, to meet the IGPconnection establishment rule, and help establish the connection betweenthe first network device and the second network device.

With reference to the first aspect, in one example implementation, thecentralized management apparatus generates information about adjusting amaximum transmission unit value if the maximum transmission unit valuesof the first network device and the second network device do not meetthe IGP connection establishment rule, and the maximum transmission unitvalue of the first network device or the second network device is lessthan a maximum transmission unit threshold. The information aboutadjusting a maximum transmission unit value is used to instruct anadministrator to adjust the maximum transmission unit value of the firstnetwork device or the second network device. For example, thecentralized management apparatus generates and outputs the informationabout adjusting a maximum transmission unit. When obtaining theinformation, the administrator queries the maximum transmission unitvalues of the two network devices, to determine whether to adjust themaximum transmission unit value of the first network device or thesecond network device, so as to optimize running of IGP.

With reference to the first aspect, in one example implementation, whendetermining that there is the fault that the connection between thefirst network device and the second network device cannot beestablished, the centralized management apparatus generates alarminformation to indicate the fault, so that an administrator performscorresponding adjustment. The alarm information may carry a fault cause,so that the administrator performs targeted adjustment based on thefault cause.

The administrator does not need to compare information obtained fromnetwork devices to determine the fault cause. When determining thatthere is the fault, the centralized management apparatus can determinethe fault cause based on the first packet and the second packet, toimprove intelligence and flexibility of the centralized managementapparatus.

With reference to the first aspect, in one example implementation, thefirst message and the second message are link state databaseinformation, and the link state packet database information includes atleast one link state packet. The centralized management apparatusdetects whether at least one link state packet included in the firstpacket is consistent with at least one link state packet included in thesecond packet; and when the at least one link state packet included inthe first packet is inconsistent with the at least one link state packetincluded in the second packet, determines that the first packet and thesecond packet do not meet the packet rule. In this case, the packet ruleis that link state database information included in the first packetneeds to be consistent with link state database information included inthe second packet.

The centralized management apparatus may determine that there is a routelearning fault. The route learning fault is that route learning of thefirst network device or the second network device fails.

With reference to the first aspect, in one example implementation, ifthe at least one link state packet included in the first packet does notmatch the at least one link state packet included in the second packet,the centralized management apparatus determines that the first packetand the second packet do not meet the packet rule.

If a link state packet 1 sent by the first network device includes an IPprefix P1, in other words, the link state packet 1 of the first packetcarries the IP prefix P1, but when the first network device synchronizesthe link state packet 1 to the second network device, the IP prefix P1is not carried in the link state packet 1, in other words, the linkstate packet 1 of the second packet does not carry the IP prefix P1. Inthis case, the centralized management apparatus may determine that theat least one link state packet included in the first packet does notmatch the at least one link state packet included in the second packet.

If a link state packet 1 sent by the first network device includes an IPprefix P1, in other words, the link state packet 1 of the first packetcarries the IP prefix P1, but when the first network device synchronizesthe link state packet 1 to the second network device, the link statepacket 1 carries an IP prefix P2 in addition to the IP prefix P1, inother words, the link state packet 1 of the second packet carries the IPprefixes P1 and P2. In this case, the centralized management apparatusmay determine that the at least one link state packet included in thefirst packet does not match the at least one link state packet includedin the second packet.

In this implementation, the centralized management apparatus may furtherdetermine that a fault cause of the route learning fault is that arouting prefix sent by the first network device or the second networkdevice is incorrect, so that the administrator handles the fault intime. For example, if the link state packet 1 of the first packetcarries the IP prefix P1, and the link state packet 1 of the secondpacket does not carry the IP prefix P1, or the link state packet 1 ofthe second packet carries the IP prefixes P1 and P2, the centralizedmanagement apparatus may determine that the fault cause is that therouting prefix sent by the first network device is incorrect.

With reference to the first aspect, in one example implementation, ifthe at least one link state packet included in the first packet does notinclude the at least one link state packet included in the secondpacket, or the at least one link state packet included in the secondpacket does not include the at least one link state packet included inthe first packet, in other words, the at least one link state packetsent by one network device cannot be found on the other network device,the centralized management apparatus determines that the first packetand the second packet do not meet the packet rule. For example, if thefirst packet includes a link state packet 1 and a link state packet 2,and the link state packet 1 is a packet generated by the first networkdevice, but the second packet does not include the link state packet 1,the centralized management apparatus determines that the first packetand the second packet do not meet the packet rule.

In this implementation, the centralized management apparatus may furtherdetermine that a fault cause of the route learning fault is that a linkstate packet received by the first network device or the second networkdevice is incorrect, so that the administrator handles the fault intime. For example, if the first packet includes a link state packet 1and a link state packet 2, and the link state packet 1 is a packetgenerated by the first network device, but the second packet does notinclude the link state packet 1, the centralized management apparatusmay determine that the fault cause is that the link state packetreceived by the second network device is incorrect, in other words, thesecond network device does not receive the link state packet 1.

With reference to the first aspect, in one example implementation, whendetermining that there is the route learning fault, the centralizedmanagement apparatus generates alarm information to indicate the fault,so that the administrator handles the fault in time.

The administrator does not need to compare information obtained fromnetwork devices to determine the fault cause. When determining thatthere is the fault, the centralized management apparatus can determinethe fault cause based on the first packet and the second packet, toimprove intelligence and flexibility of the centralized managementapparatus.

With reference to the first aspect, in one example implementation,before receiving a packet from a network device by using the IGPmonitoring protocol session, the centralized management apparatusestablishes the IGP monitoring protocol session with the network device,so that the network device can send the packet to the centralizedmanagement apparatus, to help the centralized management apparatusperform fault diagnosis.

A procedure of establishing the first IGP monitoring protocol session isused as an example. The procedure may include: configuring, by thecentralized management apparatus, a first IP address used to establishthe IGP monitoring protocol session and a transmission control protocolTCP port number; receiving a TCP connection establishment request fromthe first network device by using the TCP port number, where the TCPconnection establishment request includes a second IP address that isused to establish the IGP monitoring protocol session and that isconfigured by the first network device; and establishing the first IGPmonitoring protocol session between the centralized management apparatusand the first network device.

A second aspect of the various embodiments provides a fault diagnosismethod, including:

encapsulating, by a first network device, a message by using an IGPmonitoring protocol, to obtain a packet, where the message is a messagesent by the first network device to a second network device; andsending, by the first network device, the packet to a centralizedmanagement apparatus by using an IGP monitoring protocol session.

According to the second aspect, the first network device encapsulatesthe message by using the IGP monitoring protocol, to obtain the packet,and sends the packet to the centralized management apparatus by usingthe IGP monitoring protocol session, so that the centralized managementapparatus performs fault diagnosis based on packets sent by networkdevices.

With reference to the second aspect, in one example implementation, thefirst network device configures a second IP address used to establishthe IGP monitoring protocol session, and a first IP address used toestablish the IGP monitoring protocol session and a TCP port number thatare configured by the centralized management apparatus; and sends a TCPconnection establishment request to the centralized management apparatusby using the TCP port number, where the TCP connection establishmentrequest includes the second IP address, and the TCP connectionestablishment request is used to establish the IGP monitoring protocolsession, so that the centralized management apparatus establishes theIGP monitoring protocol session, and the first network device sends thepacket to the centralized management apparatus by using the IGPmonitoring protocol session.

It should be noted that the first network device may be any router in anIGP domain.

A third aspect of the various embodiments provides a centralizedmanagement apparatus. The centralized management apparatus has afunction of implementing the method according to the first aspect. Thefunction may be implemented by hardware, or may be implemented byhardware executing corresponding software. The hardware or the softwareincludes one or more units corresponding to the foregoing function.

In one example implementation, the centralized management apparatusincludes a transceiver unit and a processing unit. The transceiver unitis configured to receive a first packet from a first network device byusing a first interior gateway protocol IGP monitoring protocol session,where the first packet includes a first message sent by the firstnetwork device to a second network device. The transceiver unit isfurther configured to receive a second packet from the second networkdevice by using a second IGP monitoring protocol session, where thesecond packet includes a second message sent by the second networkdevice to the first network device, and a message type of the secondmessage is the same as that of the first message. The processing unit isconfigured to perform fault diagnosis based on the first packet and thesecond packet.

In one example implementation, the centralized management apparatusincludes a processor, a transceiver, and a memory. The transceiver isconfigured to: receive and send information, the memory stores acomputer executable instruction, the processor is connected to thememory and the transceiver by using a bus, and the processor executesthe computer executable instruction stored in the memory, so that thecentralized management apparatus performs the following operations:receiving a first packet from a first network device by using a firstinterior gateway protocol IGP monitoring protocol session, where thefirst packet includes a first message sent by the first network deviceto a second network device; receiving a second packet from the secondnetwork device by using a second IGP monitoring protocol session, wherethe second packet includes a second message sent by the second networkdevice to the first network device, and a message type of the secondmessage is the same as that of the first message; and performing faultdiagnosis based on the first packet and the second packet.

Based on a same inventive concept, for a problem-resolving principle andbeneficial effects of the centralized management apparatus, refer to themethod in the first aspect and beneficial effects brought by the method.Therefore, for implementation of the centralized management apparatus,refer to the implementation of the method. Repeated parts are notdescribed again.

A fourth aspect of the various embodiments provides a first networkdevice. The first network device has a function of implementing themethod according to the second aspect. The function may be implementedby hardware, or may be implemented by hardware executing correspondingsoftware. The hardware or the software includes one or more unitscorresponding to the foregoing function.

In one example implementation, the first network device includes aprocessing unit and a transceiver unit. The processing unit isconfigured to encapsulate a message by using an IGP monitoring protocol,to obtain a packet, where the message is a message sent by the firstnetwork device to a second network device. The transceiver unit isconfigured to send the packet to a centralized management apparatus byusing an IGP monitoring protocol session.

In one example implementation, the first network device includes aprocessor, a transceiver, and a memory. The transceiver is configuredto: receive and send information, the memory stores a computerexecutable instruction, the processor is connected to the memory and thetransceiver by using a bus, and the processor executes the computerexecutable instruction stored in the memory, so that the first networkdevice performs the following operations: encapsulating a message byusing an IGP monitoring protocol, to obtain a packet, where the messageis a message sent by the first network device to a second networkdevice; and sending the packet to a centralized management apparatus byusing an IGP monitoring protocol session.

Based on a same inventive concept, for a problem-resolving principle andbeneficial effects of the first network device, refer to the method inthe second aspect and beneficial effects brought by the method.Therefore, for implementation of the first network device, refer to theimplementation of the method. Repeated parts are not described again.

A fifth aspect of the various embodiments provides a computer readablestorage medium. The computer readable storage medium stores aninstruction. When the instruction is run on a computer, the computer isenabled to perform the method according to the first aspect.

A sixth aspect of the various embodiments provides a computer programproduct including an instruction. When the computer program product isrun on a computer, the computer is enabled to perform the methodaccording to the first aspect.

A seventh aspect of the various embodiments provides a computer readablestorage medium. The computer readable storage medium stores aninstruction. When the instruction is run on a computer, the computer isenabled to perform the method according to the second aspect.

An eighth aspect of the various embodiments provides a computer programproduct including an instruction. When the computer program product isrun on a computer, the computer is enabled to perform the methodaccording to the second aspect.

BRIEF DESCRIPTION OF DRAWINGS

To describe the technical solutions in the various embodiments or in thebackground more clearly, the following describes the accompanyingdrawings required for describing the various embodiments or thebackground.

FIG. 1 is a schematic diagram of a network architecture according to anembodiment of this application;

FIG. 2 is a schematic flowchart of a fault diagnosis method according toan embodiment of this application;

FIG. 3 is an example diagram of a protocol message type of an IGPmonitoring protocol according to an embodiment of this application;

FIG. 4 is an example diagram of a format of a common message headeraccording to an embodiment of this application;

FIG. 5 is an example diagram 1 of a fault diagnosis method according toan embodiment of this application;

FIG. 6 is an example diagram 2 of a fault diagnosis method according toan embodiment of this application;

FIG. 7 is a schematic diagram of a logical structure of a centralizedmanagement apparatus according to an embodiment of this application;

FIG. 8 a is a simplified schematic diagram of a centralized entitystructure of a centralized management apparatus according to anembodiment of this application;

FIG. 8 b is a simplified schematic diagram of a distributed entitystructure of a centralized management apparatus according to anembodiment of this application;

FIG. 9 is a schematic diagram of a logical structure of a first networkdevice according to an embodiment of this application; and

FIG. 10 is a simplified schematic diagram of an entity structure of afirst network device according to an embodiment of this application.

DESCRIPTION OF EMBODIMENTS

The following describes names or terms used in the various embodiments.

Protocol data unit (PDU): The protocol data unit is a unit of datatransmitted between peer layers. A PDU at a physical layer is a databit, a PDU at a data link layer is a data frame, a PDU at a networklayer is a data packet, a PDU at a transport layer is a data segment,and a PDU at another higher layer is a packet. The PDU in the variousembodiments is a packet. It should be noted that in the variousembodiments, a PDU may be a packet, or a packet may be a PDU.

OSPF: OSPF is a link state routing protocol, and RIP is a distancevector routing protocol. A link is used to connect routers. OSPF is alsoreferred to as an interface status routing protocol. OSPF is used toestablish a link state database through a network interface state ofrouter notice and generate a shortest path tree. Each OSPF router usesthese shortest paths to construct a routing table. The OSPF routercollects connection state information of all routers in a network areain which the OSPF router is located, namely, link state information, andgenerates a link state database. The router learns of the link stateinformation of all the routers in the area, that is, learns of atopology status of an entire network. The OSPF router uses a shortestpath first (SPF) algorithm to independently obtain a router arriving atany destination through calculation.

IS-IS: IS-IS is also a link state routing protocol. Each IS-IS routerindependently establishes a network topology database to aggregateflooded network information. IS-IS uses a two-level hierarchicalstructure in a routing domain. A large routing domain is divided intoone or more areas (Areas), and three levels of routers are defined asfollows: a level-1, a level-2, and a level-1-2. An intra-area route ismanaged by the level-1 router, and an inter-area route is managed by thelevel-2 router.

A level-1 router is responsible for an intra-area route. The level-1router has neighbor relationships with only level-1 and level-1-2routers that belong to the same area as the level-1 router, andmaintains a level-1 link state database. The link state databaseincludes routing information in the area. A packet to be sent to theoutside of the area is forwarded to a nearest level-1-2 router. Alevel-2 router is responsible for an inter-area route. The level-2router may have neighbor relationships with level-2 and level-1-2routers in the same area as the level-2 router or other areas, andmaintain a level-2 link state database. The link state database includesinter-area routing information.

Working principles of the foregoing two link state routing protocols mayinclude: Each router establishes an adjacency relationship with aneighbor of the router by using a Hello packet; each router sends linkstate packets (link-state PDU, LSP) LSPs to each neighbor; afterreceiving the LSPs, each neighbor needs to forward these LSPs toneighbors of the neighbor in sequence; each router needs to store, in adatabase, backups of the LSPs received by the router, where databases ofall routers need to be the same; and based on a topology database, eachrouter uses an SPF algorithm to obtain a shortest path to each networkthrough calculation, and outputs the result to a routing table.

IGP monitoring protocol: The IGP monitoring protocol is a protocolprovided in the various embodiments. According to the protocol, acentralized management apparatus may monitor an IGP running request in anetwork and perform centralized diagnosis. In other words, the IGPmonitoring protocol is a protocol between the centralized managementapparatus and a router.

IGP monitoring protocol session: The IGP monitoring protocol session isa session based on an IGP monitoring protocol. In other words, the IGPmonitoring protocol session is a session between a centralizedmanagement apparatus and a router. The router may report IGP informationto the centralized management apparatus by using the IGP monitoringprotocol session, and the centralized management apparatus may determinefault information in a network through diagnosis based on the IGPinformation.

The IGP information is information about IGP used between routers, forexample, information about OSPF or information about IS-IS. The IGPinformation may include but is not limited to a link state packet, aHello packet, routing information, and the like.

It should be noted that the two nouns IGP monitoring protocol and IGPmonitoring protocol session do not constitute a limitation on variousembodiments, and other names used to describe technical essence of theIGP monitoring protocol and the IGP monitoring protocol session shallalso fall within the protection scope of the various embodiments.

In a network using IGP, a fault such as a failure of establishing aconnection between a router 1 and a router 2 or a failure of routelearning may occur. The router 1 and the router 2 are neighbors to eachother in the network.

For example, IGP is IS-IS. A reason why an IS-IS router 1 cannotestablish a connection to an IS-IS router 2 may be: A lower-layer faultor a link fault occurs on the IS-IS router 1 or the IS-IS router 2; theIS-IS router 1 or the IS-IS router 2 cannot normally receive and sendHello packets; IP addresses of interfaces of the IS-IS router 1 and theIS-IS router 2 are on different network segments; maximum transmissionunits (maximum transmission unit, MTU) on the interfaces of the IS-ISrouter 1 and the IS-IS router 2 are set to be inconsistent; systemidentifiers configured by the IS-IS router 1 and the IS-IS router 2 arethe same; IS-IS levels of the IS-IS router 1 and the IS-IS router 2 donot match; authentication manners on the IS-IS interfaces of the IS-ISrouter 1 and the IS-IS router 2 do not match; or area addresses of theIS-IS router 1 and the IS-IS router 2 do not match when an IS-IS level-1neighbor is established.

A reason why route learning of the IS-IS routers fails may be that anLSP is not normally received or a routing prefix is not normallyadvertised.

Currently, a manual fault diagnosis method is used to determine a fault.To be specific, an administrator enters a command line on each router ina network to query IGP state information and neighbor state information,so as to determine that the network is faulty. The administrator needsto compare information obtained from routers, to determine a faultcause.

The manual fault diagnosis method consumes a long time and affectsnormal working efficiency of the router. In view of these disadvantages,the various embodiments provide a fault diagnosis method and anapparatus thereof, so that the disadvantages of the manual faultdiagnosis method can be overcome, a time consumed for fault diagnosiscan be shortened, and impact on normal working efficiency of the routercan be reduced.

FIG. 1 is a schematic diagram of a network architecture to which anembodiment of this application is applied. The network architectureshown in FIG. 1 includes a centralized management apparatus and an IGPdomain. The IGP domain includes six routers: a router 1 (R1), a router 2(R2), a router 3 (R3), a router 4 (R4), a router 5 (R5), and a router 6(R6). It should be noted that device forms and quantities of thecentralized management apparatus and the routers shown in FIG. 1 do notconstitute a limitation on the various embodiments.

The IGP domain is an autonomous system. The autonomous system includes agroup of routers and networks that is controlled by one managementagency. In the autonomous system, a router may directly connect to alocal area network (local area network, LAN) and also connect to theinternet (Internet). In the autonomous system, a plurality of local areanetworks may be connected to each other through an enterprise backbonenetwork. All routers in an autonomous system are interconnected, and runa same routing protocol. In addition, a same autonomous system number isassigned to all the routers. In the IGP domain, a connection isestablished between the routers, in other words, an IGP session isestablished between the routers, and information is transmitted by usingthe IGP session. In other words, in the IGP domain, the routers use sameIGP to transmit the information, for example, use an OSPF protocol totransmit the information.

The centralized management apparatus may be a device independent of theIGP domain. The device may be a router or a switch, may be anapplication program running on the device, may be a function moduleintegrated into the device, or the like. The centralized managementapparatus may be a router in the IGP domain, or may be a function moduleintegrated into the router. The centralized management apparatus may bea controller or a network management device in a software-definednetwork (software defined network, SDN), may be an application programon the device, may be a function module integrated into the device, orthe like.

The centralized management apparatus may establish an IGP monitoringprotocol session with each router in the IGP domain, to monitor arunning status of IGP between the routers and perform fault diagnosis.In other words, each router reports IGP information to the centralizedmanagement apparatus by using the IGP monitoring protocol session, sothat the centralized management apparatus monitors the running status ofIGP based on the IGP information and performs fault diagnosis.

It should be noted that the name of the centralized management apparatusdoes not constitute a limitation on various embodiments, or thecentralized management apparatus may be referred to as a controller, acentralized management device, a network management device/apparatus, anetwork management device/apparatus, or the like.

It should be noted that the network device in this embodiment of thisapplication may be a router, a switch, or the like.

FIG. 2 is a schematic flowchart of a fault diagnosis method according toan embodiment of this application. An example in which two networkdevices interact with a centralized management apparatus is used in themethod for description. The method may include but is not limited to thefollowing steps.

Step S201: A first network device encapsulates a first message by usingan IGP monitoring protocol, to obtain a first packet.

In one example implementation, before the first network deviceencapsulates the first message by using the IGP monitoring protocol, orsends the first packet to the centralized management apparatus by usinga first IGP monitoring protocol session, the first network deviceestablishes the first IGP monitoring protocol session with thecentralized management apparatus.

A process in which the first network device establishes the first IGPmonitoring protocol session with the centralized management apparatusmay include:

(1) The centralized management apparatus configures an IP address (forexample, an IP address 1) used to establish an IGP monitoring protocolsession and a transmission control protocol (TCP) port number (forexample, a port 1) used for listening. The TCP port number is used bythe centralized management apparatus to listen to a TCP connectionestablishment request sent by the network device. When completing theconfiguration, the centralized management apparatus enters a state ofwaiting to establish a connection. A specific method in which thecentralized management apparatus configures the information is notlimited in this embodiment of this application.

(2) The first network device configures an IP address (an IP address 2)used to establish the IGP monitoring protocol session, the TCP portnumber (port 1) preconfigured by the centralized management apparatus,and the IP address 1 preconfigured by the centralized managementapparatus. In other words, a TCP port number configured by the firstnetwork device is the same as the TCP port number configured by thecentralized management apparatus for listening. The first network devicesends the TCP connection establishment request by using the TCP portnumber configured by the first network device. A specific method inwhich the first network device configures the information is not limitedin this embodiment of this application.

(3) When completing the configuration, the first network device sendsthe TCP connection establishment request to the centralized managementapparatus. The first network device may send the TCP connectionestablishment request to the centralized management apparatus by usingthe TCP port number (port 1). The TCP connection establishment requestmay include the IP address 2 of the first network device. The TCPconnection establishment request is used to establish the first IGPmonitoring protocol session.

(4) When receiving the TCP connection establishment request from thefirst network device, the centralized management apparatus establishesthe first IGP monitoring protocol session between the centralizedmanagement apparatus and the first network device by using the IPaddress 1 and the IP address 2.

The first network device encapsulates the first message by using the IGPmonitoring protocol, to obtain the first packet. The first message is amessage sent by the first network device to a second network device, andthe message may have been sent to the second network device, or may beto be sent to the second network device.

The first message may be a neighbor discovery message, may be link statedatabase information, or may be another message.

The neighbor discovery message may be an IGP Hello packet, for example,an IS-IS Hello packet or an OSPF Hello packet. The IS-IS Hello packet isused to establish and maintain a neighbor relationship, and is alsoreferred to as IIH (IS-IS Hello PDUs). Level-1 IS-IS in a broadcastnetwork uses level-1 LAN IIH. Level-2 IS-IS in the broadcast networkuses level-2 LAN IIH. Point-to-point (P2P) IIH is used in anon-broadcast network. A packet format of level-1/level-2 LAN IIH isdifferent from a packet format of P2P IIH. Details are not described inthis embodiment.

The link state database information includes at least one LSP. The linkstate database information sent by the first network device to thesecond network device includes an LSP of the first network device, andfurther includes LSPs of other network devices. For example, in thenetwork architecture shown in FIG. 1 , link state database informationsent by the R1 to the R2 includes an LSP of the R1, and further includesan LSP of the R2, an LSP of the R3, an LSP of the R4, an LSP of the R5,and an LSP of the R6. The LSP may be an IS-IS LSP or an OSPF LSP. LSPsincluded in one piece of link state database information have a sameIGP.

The IS-IS LSP is used to exchange link state information. The LSP isclassified into a level-1 LSP and a level-2 LSP. The level-1 LSP istransmitted by level-1 IS-IS, and the level-2 LSP is transmitted bylevel-2 IS-IS. A specific format of the LSP is not described in thisembodiment.

The first network device encapsulates the first message based on aprotocol message type defined in the IGP monitoring protocol, to obtainthe first packet. FIG. 3 is an example diagram of a protocol messagetype of an IGP monitoring protocol according to an embodiment of thisapplication. It should be noted that only two types of protocol messagesare described in FIG. 3 by using examples. In actual application,another type of protocol message may be further included. Details arenot listed one by one in this embodiment of this application.

If a first message is link state database information, a first networkdevice encapsulates the first message through a type 0, that is, linkstate packet monitoring (LSP monitoring), to obtain a first packet. Inthis case, a packet format of the first packet includes a common messageheader (common header) and a link state packet (LSP). The first networkdevice may encapsulate all LSPs of the first network device through thetype 0, and report all the LSPs to a centralized management apparatus atone time. In other words, the first packet includes all the LSPs of thefirst network device. When the LSP changes, the first network device mayencapsulate the changed LSP through the type 0, and report the changedLSP to the centralized management apparatus. In other words, the firstpacket includes the changed LSP.

If a first message is a neighbor discovery message, a first networkdevice encapsulates the first message through a type 1, that is,neighbor discovery (neighbor discovery), to obtain a first packet. Inthis case, a packet format of the first packet includes a common messageheader (common header) and a Hello packet (Hello PDU). When discoveringan active neighbor, the first network device may encapsulate the firstmessage, to obtain the first packet. In this case, the first packet mayindicate the discovered active neighbor. Alternatively, when discoveringthat an active neighbor withdraws from a network, the first networkdevice may encapsulate the first message, to obtain the first packet. Inthis case, the first packet may indicate the withdrawn neighbor.Alternatively, when discovering that a configuration parameter of aneighbor changes, the first network device may encapsulate the firstmessage, to obtain the first packet. In this case, the first packet mayindicate the neighbor whose configuration parameter changes, and theconfiguration parameter of the neighbor changes.

For a format of the common message header, refer to FIG. 4 . FIG. 4shows a format of a common message header defined in an embodiment ofthis application. The format includes a version number, a protocolidentifier (Protocol-ID), an OSPF neighbor identifier (NeighborID)/IS-IS system identifier (System-ID), a message length, and a messagetype (Message Type). It should be noted that the format of the commonmessage header shown in FIG. 4 is used as an example, and does notconstitute a limitation on this embodiment of this application. Inactual application, other information may be further included.

The version number is used to identify a version number supported by acurrent protocol. The protocol identifier is used to identify a type ofa currently monitored protocol, which may be one of protocol types suchas an IS-IS level 1, an IS-IS level 2, OSPFv2, and OSPFv3. The OSPFneighbor identifier/IS-IS system identifier is determined based on theprotocol identifier. If the protocol identifier is related to OSPF, thisfield is the OSPF neighbor identifier. If the protocol identifier isrelated to IS-IS, this field is the system identifier.

Step S202: The first network device sends the first packet to thecentralized management apparatus by using the first IGP monitoringprotocol session. Correspondingly, the centralized management apparatusreceives the first packet from the first network device by using thefirst IGP monitoring protocol session.

When the centralized management apparatus establishes the first IGPmonitoring protocol session, the first network device sends the firstpacket to the centralized management apparatus by using the first IGPmonitoring protocol session.

Step S203: The second network device encapsulates a second message byusing the IGP monitoring protocol, to obtain a second packet.

Step S204: The second network device sends the second packet to thecentralized management apparatus by using a second IGP monitoringprotocol session. Correspondingly, the centralized management apparatusreceives the second packet from the second network device by using thesecond IGP monitoring protocol session.

Implementation processes of step S203 and step S204 are similar to thoseof step S201 and step S202, and a difference lies in that the second IGPmonitoring protocol session is a session between the centralizedmanagement apparatus and the second network device; and the secondmessage is a message sent by the second network device to the firstnetwork device.

It should be noted that the first message and the second message aremessages of a same type, for example, both are neighbor discoverymessages or both are link state database information. In this case, thefirst packet and the second packet use a same protocol message type, forexample, both use the type 0 or the type 1.

It should be noted that a sequence of step S201 and step S203 is notlimited in this embodiment of this application, and the two steps may beor may not be simultaneously performed.

This depends on a specific case.

Step S205: The centralized management apparatus performs fault diagnosisbased on the first packet and the second packet.

When receiving the first packet and the second packet, the centralizedmanagement apparatus parses the first packet and the second packet, toobtain protocol message types; and performs fault diagnosis based on thefirst packet and the second packet if the first packet and the secondpacket use a same protocol message type.

The centralized management apparatus performs fault diagnosis when thefirst packet and the second packet do not meet a packet rule. Thecentralized management apparatus performs no processing when the firstpacket and the second packet meet a packet rule.

In the embodiment shown in FIG. 2 , the centralized management apparatusdirectly performs fault diagnosis without a query instruction entered byan administrator, so that disadvantages of a manual fault diagnosismethod can be overcome, a time consumed for fault diagnosis can beshortened, and impact on normal working efficiency of a network devicecan be reduced.

It should be noted that an example in which the two network devicesinteract with the centralized management apparatus is used in theembodiment shown in FIG. 2 . In actual application, the centralizedmanagement apparatus may establish an IGP monitoring protocol sessionwith each network device in an IGP domain, collect a packet sent by eachnetwork device, and perform real-time monitoring and fault diagnosis onthe network device in the IGP domain based on a protocol message typeused by the packet.

The following uses an example in which the first message and the secondmessage are neighbor discovery messages or link state databaseinformation for description.

FIG. 5 is an example diagram 1 of a fault diagnosis method according toan embodiment of this application. In this example, a first message anda second message are neighbor discovery messages, namely, IGP Hellopackets.

Step S301: A first network device encapsulates a first IGP Hello packetby using an IGP monitoring protocol, to obtain a first packet.

With reference to the example diagram shown in FIG. 3 , the firstnetwork device encapsulates the first IGP Hello packet through a type 1,that is, neighbor discovery (neighbor discovery), to obtain the firstpacket.

Step S302: The first network device sends the first packet to acentralized management apparatus by using a first IGP monitoringprotocol session. Correspondingly, the centralized management apparatusreceives the first packet from the first network device by using thefirst IGP monitoring protocol session.

Step S303: A second network device encapsulates a second IGP Hellopacket by using the IGP monitoring protocol, to obtain a second packet.

Step S304: The second network device sends the second packet to thecentralized management apparatus by using a second IGP monitoringprotocol session. Correspondingly, the centralized management apparatusreceives the second packet from the second network device by using thesecond IGP monitoring protocol session.

Step S305: The centralized management apparatus performs fault diagnosisbased on the first packet and the second packet.

The centralized management apparatus performs fault diagnosis when thefirst packet and the second packet do not meet an IGP connectionestablishment rule, and may determine, through diagnosis, that there isa fault that a connection between the first network device and thesecond network device cannot be established, in other words, the firstnetwork device cannot establish a connection to the second networkdevice, or the second network device cannot establish a connection tothe first network device.

The first IGP Hello packet and the second IGP Hello packet each maycarry at least one piece of information such as an IP address, anauthentication manner, a system identifier, an IS-IS level, and an MTUvalue that are on a local interface.

In one example implementation, the first IGP Hello packet carries an IPaddress 1 of the first network device, and the second IGP Hello packetcarries an IP address 2 of the second network device. The centralizedmanagement apparatus detects whether the IP address 1 and the IP address2 are on a same network segment. If the IP address 1 and the IP address2 are on different network segments, the centralized managementapparatus may determine that the first packet and the second packet donot meet the IGP connection establishment rule. In this case, the IGPconnection establishment rule may be that IP addresses at two ends of alink need to be on the same network segment.

Further, the centralized management apparatus may determine that a faultcause of an IGP neighbor fault is that the IP addresses of the firstnetwork device and the second network device are on the differentnetwork segments, so that an administrator can adjust the IP address ofthe first network device or the second network device. It may beunderstood that the IP addresses of the first network device and thesecond network device are on the different network segments, andconsequently the connection between the first network device and thesecond network device cannot be established.

In one example implementation, the first IGP Hello packet carries anauthentication manner of the first network device, and the second IGPHello packet carries an authentication manner of the second networkdevice. The authentication manner is an interface authentication manner.If IGP is an IS-IS protocol, the authentication manner may be an IS-ISinterface authentication manner. If IGP is an OSPF protocol, theauthentication manner may be an OSPF interface authentication manner.The centralized management apparatus detects whether the authenticationmanner of the first network device matches the authentication manner ofthe second network device. If the authentication manner of the firstnetwork device does not match the authentication manner of the secondnetwork device, the centralized management apparatus may determine thatthe first packet and the second packet do not meet the IGP connectionestablishment rule. In this case, the IGP connection establishment rulemay be that interface authentication manners at two ends of a link needto be matched.

Further, the centralized management apparatus may determine that a faultcause of an IGP neighbor fault is that the authentication manners of thefirst network device and the second network device do not match, so thatan administrator can adjust the interface authentication manner of thefirst network device or the second network device. It may be understoodthat the authentication manners of the first network device and thesecond network device do not match, and consequently the connectionbetween the first network device and the second network device cannot beestablished.

In one example implementation, the first IGP Hello packet carries asystem identifier of the first network device, and the second IGP Hellopacket carries a system identifier of the second network device. Thecentralized management apparatus detects whether the system identifierof the first network device is the same as the system identifier of thesecond network device. If the system identifier of the first networkdevice is the same as the system identifier of the second networkdevice, the centralized management apparatus may determine that thefirst packet and the second packet do not meet the IGP connectionestablishment rule. In this case, the IGP connection establishment rulemay be that system identifiers at two ends of a link need to bedifferent. The system identifier may be a system identifier (system ID)specified in an IS-IS protocol.

Further, the centralized management apparatus may determine that a faultcause of an IGP neighbor fault is that the system identifiers of thefirst network device and the second network device are the same orconflict, so that an administrator can adjust the system identifier ofthe first network device or the second network device. It may beunderstood that the system identifiers of the first network device andthe second network device are the same, and consequently the connectionbetween the first network device and the second network device cannot beestablished.

In one example implementation, the first IGP Hello packet carries anIS-IS level of the first network device, and the second IGP Hello packetcarries an IS-IS level of the second network device. The centralizedmanagement apparatus detects whether the IS-IS level of the firstnetwork device matches the IS-IS level of the second network device. Ifthe IS-IS level of the first network device does not match the IS-ISlevel of the second network device, the centralized management apparatusmay determine that the first packet and the second packet do not meetthe IGP connection establishment rule. In this case, the IGP connectionestablishment rule may be that IS-IS levels at two ends of a link needto be matched. For example, the IS-IS level of the first network deviceis a level-1, and the IS-IS level of the second network device is alevel-2. The level-1 does not match the level-2. The centralizedmanagement apparatus may determine that the first packet and the secondpacket do not meet the IGP connection establishment rule.

Further, the centralized management apparatus may determine that a faultcause of an IGP neighbor fault is that the IS-IS levels of the firstnetwork device and the second network device do not match, so that anadministrator can adjust the IS-IS level of the first network device orthe second network device. It may be understood that the IS-IS levels ofthe first network device and the second network device do not match, andconsequently the connection between the first network device and thesecond network device cannot be established.

In example implementation, the first IGP Hello packet carries an MTUvalue of the first network device, and the second IGP Hello packetcarries an MTU value of the second network device. The centralizedmanagement apparatus detects whether the MTU value of the first networkdevice is the same as the MTU value of the second network device. If theMTU value of the first network device is different from the MTU value ofthe second network device, the centralized management apparatus maydetermine that the first packet and the second packet do not meet theIGP connection establishment rule. In this case, the IGP connectionestablishment rule may be that MTU values at two ends of a link need tobe the same.

Further, the centralized management apparatus may determine that a faultcause of an IGP neighbor fault is that the MTU values of the firstnetwork device and the second network device are different, so that anadministrator can adjust the MTU value of the first network device orthe second network device. It may be understood that the MTU values ofthe first network device and the second network device are different,and consequently the connection between the first network device and thesecond network device cannot be established.

Further, the centralized management apparatus generates informationabout adjusting an MTU value if the MTU value of the first networkdevice or the MTU value of the second network device is less than an MTUthreshold, and consequently an IGP protocol packet is divided into aplurality of small segments. The information about adjusting an MTUvalue is used to instruct the administrator to adjust the maximumtransmission unit value of the first network device or the secondnetwork device. For example, the centralized management apparatusgenerates and outputs the information about adjusting a maximumtransmission unit. When obtaining the information, the administratorqueries the maximum transmission unit values of the two network devices,to determine whether to adjust the maximum transmission unit value ofthe first network device or the second network device, so as to optimizerunning of IGP.

It should be noted that the foregoing manners are relatively commonexamples. In actual application, another manner may be further included,and is not listed herein.

When determining that there is the fault that the connection between thefirst network device and the second network device cannot beestablished, the centralized management apparatus generates alarminformation to indicate the fault, so that an administrator performscorresponding adjustment. The alarm information may carry a fault cause,so that the administrator performs targeted adjustment based on thefault cause.

In the example shown in FIG. 5 , the centralized management apparatuscollects a packet obtained by performing encapsulation through the type0, performs fault diagnosis, and may further determine the fault causethrough diagnosis, so that the administrator correspondingly adjusts acorresponding network device.

FIG. 6 is an example diagram 2 of a fault diagnosis method according toan embodiment of this application. In this example, a first message anda second message are link state database information.

Step S401: A first network device generates first link state databaseinformation.

The first network device aggregates an LSP generated by the firstnetwork device and an LSP received from another network device, togenerate an LSP database, for example, an LSP DB 1. The LSP database isreferred to as the first link state database information.

It may be understood that the first link state database informationincludes the LSP generated by the first network device and the LSPreceived from another network device. In other words, the first linkstate database information includes at least one LSP. It should be notedthat the name of the link state database information does not constitutea limitation on the various embodiments, and another name used todescribe the link state database information including the at least oneLSP shall fall within the protection scope of the various embodiments.For example, the link state database information is referred to as linkstate information or link state packet information.

For example, in the schematic diagram of the network architecture shownin FIG. 1 , it is assumed that the first network device is the R1, asecond network device is the R2, and first link state databaseinformation sent by the R1 to the R2 includes six LSPs, that is, an LSP1 generated by the R1, an LSP 2 generated by the R2, an LSP 3 generatedby the R3, an LSP 4 generated by the R4, an LSP 5 generated by the R5,and an LSP 6 generated by the R6.

When generating the first link state database information, the firstnetwork device may synchronize the first link state database informationto the second network device. In other words, the first network devicesends the first link state database information, namely, the firstmessage, to the second network device.

When receiving the first link state database information, the secondnetwork device may update second link state database informationgenerated by the second network device.

If there is no route learning fault between the first network device andthe second network device, the first link state database information isconsistent with the second link state database information. “Consistent”means that quantities of included LSPs are consistent, same LSPs areincluded, and content included in the same LSPs needs to be the same.For example, the first link state database information includes an LSP 1and an LSP 2, and the second link state database information includesthe LSP 1 and the LSP 2. In addition, content of the LSPs 1 included inthe two pieces of information is the same, and content included in theLSPs 2 is the same. In this case, the first link state databaseinformation is consistent with the second link state databaseinformation.

Step S402: The first network device encapsulates the first link statedatabase information by using an IGP monitoring protocol, to obtain afirst packet.

With reference to the example diagram shown in FIG. 3 , the firstnetwork device encapsulates the first link state database informationthrough a type 0, that is, link state packet monitoring (LSPmonitoring), to obtain the first packet.

Step S403: The first network device sends the first packet to acentralized management apparatus by using a first IGP monitoringprotocol session. Correspondingly, the centralized management apparatusreceives the first packet from the first network device by using thefirst IGP monitoring protocol session.

Step S404: The second network device generates the second link statedatabase information.

Step S405: The second network device encapsulates the second link statedatabase information by using the IGP monitoring protocol, to obtain asecond packet.

Step S406: The second network device sends the second packet to thecentralized management apparatus by using a second IGP monitoringprotocol session. Correspondingly, the centralized management apparatusreceives the second packet from the second network device by using thesecond IGP monitoring protocol session.

Step S407: The centralized management apparatus performs fault diagnosisbased on the first packet and the second packet.

In the example shown in FIG. 6 , the centralized management apparatusperforms fault diagnosis when the first packet and the second packet donot meet a packet rule, and may determine, through diagnosis, that thereis the route learning fault. The route learning fault is that routelearning of the first network device or the second network device fails.

The packet rule is that link state database information at two ends of alink needs to be consistent. The link state database informationincludes at least one link state packet.

In one example implementation, if at least one link state packetincluded in the first packet does not include at least one link statepacket included in the second packet, or at least one link state packetincluded in the second packet does not include at least one link statepacket included in the first packet, in other words, the at least onelink state packet sent by one network device cannot be found on theother network device, the centralized management apparatus determinesthat the first packet and the second packet do not meet the packet rule.For example, if the first packet includes an LSP 1 and an LSP 2, and theLSP 1 is a packet generated by the first network device, but the secondpacket does not include the LSP 1, the centralized management apparatusdetermines that the first packet and the second packet do not meet thepacket rule.

Further, the centralized management apparatus may determine that a faultcause of the route learning fault is that a link state packet receivedby the first network device or the second network device is incorrect,in other words, the first network device or the second network devicefails to receive the link state packet. For example, if the first packetincludes an LSP 1 and an LSP 2, and the LSP 1 is a packet generated bythe first network device, but the second packet does not include the LSP1, the centralized management apparatus may determine that the faultcause is that the link state packet received by the second networkdevice is incorrect, in other words, the second network device does notreceive the link state packet 1. In other words, the second networkdevice does not receive the link state packet 1 sent by the firstnetwork device to the second network device.

In one example implementation, if at least one link state packetincluded in the first packet does not match at least one link statepacket included in the second packet, the centralized managementapparatus determines that the first packet and the second packet do notmeet the packet rule.

If an LSP 1 sent by the first network device includes an IP prefix P1,in other words, the LSP 1 of the first packet carries the IP prefix P1,but when the first network device synchronizes the LSP 1 to the secondnetwork device, the IP prefix P1 is not carried in the LSP 1, in otherwords, the LSP 1 of the second packet does not carry the IP prefix P1.In this case, the centralized management apparatus may determine thatthe at least one link state packet included in the first packet does notmatch the at least one link state packet included in the second packet.

If an LSP 1 sent by the first network device includes an IP prefix P1,in other words, the LSP 1 of the first packet carries the IP prefix P1,but when the first network device synchronizes the LSP 1 to the secondnetwork device, the LSP 1 carries an IP prefix P2 in addition to the IPprefix P1, in other words, the LSP 1 of the second packet carries the IPprefixes P1 and P2. In this case, the centralized management apparatusmay determine that the at least one link state packet included in thefirst packet does not match the at least one link state packet includedin the second packet.

Further, the centralized management apparatus may determine that a faultcause of the route learning fault is that a routing prefix sent by thefirst network device or the second network device is incorrect. Therouting prefix may be an IP prefix. For example, if the LSP 1 of thefirst packet carries the IP prefix P1, and the LSP of the second packetdoes not carry the IP prefix P1 or carries the IP prefix P1 and the IPprefix P2, the centralized management apparatus may determine that thefault cause is that the routing prefix sent by the first network deviceis incorrect.

It should be noted that the foregoing manners are relatively commonexamples. In actual application, another manner may be further included,and is not listed herein.

When determining that there is the route learning fault, the centralizedmanagement apparatus generates alarm information to indicate the fault,so that an administrator can handle the fault in time.

In example implementation, when there is a relatively large quantity ofLSPs included in the link state database information, the packet may bedivided into a plurality of segments for sending. In this case, thecentralized management apparatus may perform targeted collection basedon protocol message types used by the segments, to help perform IGPmonitoring and fault diagnosis. For example, the first packet obtainedby encapsulating the first link state database information through thetype 1 is divided into three segments. In this case, the centralizedmanagement apparatus collects information about the type 1, to performIGP monitoring and fault diagnosis.

In the example shown in FIG. 5 , the centralized management apparatusmay collect a packet obtained by performing encapsulation through thetype 1, performs route learning fault diagnosis, and may furtherdetermine the fault cause through diagnosis, so that the administratorcan handle the fault in time.

It should be noted that the examples shown in FIG. 5 and FIG. 6 are usedas examples. In actual application, the centralized management apparatusmay further collect a packet obtained by performing encapsulation byusing another protocol message type, to perform fault diagnosis.

The foregoing describes in detail the methods in the variousembodiments. The following provides apparatuses in various embodiments.

FIG. 7 is a schematic diagram of a logical structure of a centralizedmanagement apparatus according to an embodiment of this application. Thecentralized management apparatus 50 may include a transceiver unit 501and a processing unit 502.

The transceiver unit 501 is configured to receive a first packet from afirst network device by using a first interior gateway protocol IGPmonitoring protocol session. The first packet includes a first messagesent by the first network device to a second network device.

The transceiver unit 501 is further configured to receive a secondpacket from the second network device by using a second IGP monitoringprotocol session. The second packet includes a second message sent bythe second network device to the first network device, and a messagetype of the second message is the same as that of the first message.

The processing unit 502 is configured to perform fault diagnosis basedon the first packet and the second packet.

It should be noted that the transceiver unit 501 is configured toperform step S202 and step S204 in the embodiment shown in FIG. 2 , andthe processing unit 502 is configured to perform step S205 in theembodiment shown in FIG. 2 . For details, refer to the specificdescriptions in the embodiment shown in FIG. 2 . The details are notdescribed herein again.

In example implementation, the processing unit 502 is specificallyconfigured to perform fault diagnosis when the first packet and thesecond packet do not meet a packet rule.

In example implementation, the first message and the second message areneighbor discovery messages, and the neighbor discovery message includesat least one of an authentication manner, a system identifier, anintermediate system to intermediate system IS-IS level, and a maximumtransmission unit value. The packet rule is an IGP connectionestablishment rule, and the IGP connection establishment rule includes arule that authentication manners at two ends of a link need to bematched, a rule that system identifiers at the two ends of the link needto be different, a rule that IS-IS levels at the two ends of the linkneed to be matched, and a rule that maximum transmission unit values atthe two ends of the link need to be the same.

The processing unit 502 is further configured to: if an authenticationmanner of the first network device does not match an authenticationmanner of the second network device, determine that the first packet andthe second packet do not meet the packet rule.

The processing unit 502 is further configured to: if a system identifierof the first network device is the same as a system identifier of thesecond network device, determine that the first packet and the secondpacket do not meet the packet rule.

The processing unit 502 is further configured to: if an IS-IS level ofthe first network device does not match an IS-IS level of the secondnetwork device, determine that the first packet and the second packet donot meet the packet rule.

The processing unit 502 is further configured to: if a maximumtransmission unit value of the first network device is different from amaximum transmission unit value of the second network device, determinethat the first packet and the second packet do not meet the packet rule.

In example implementation, the processing unit 502 is specificallyconfigured to determine a fault that a connection between the firstnetwork device and the second network device cannot be established.

If the authentication manner of the first network device does not matchthe authentication manner of the second network device, the processingunit 502 is specifically configured to determine that a fault cause ofthe fault is that the authentication manner of the first network devicedoes not match the authentication manner of the second network device.

If the system identifier of the first network device is the same as thesystem identifier of the second network device, the processing unit 502is specifically configured to determine that a fault cause of the faultis that the system identifier of the first network device is the same asthe system identifier of the second network device.

If the IS-IS level of the first network device does not match the IS-ISlevel of the second network device, the processing unit 502 isspecifically configured to determine that a fault cause of the fault isthat the IS-IS level of the first network device does not match theIS-IS level of the second network device.

If the maximum transmission unit value of the first network device isdifferent from the maximum transmission unit value of the second networkdevice, the processing unit 502 is specifically configured to determinethat a fault cause of the fault is that the maximum transmission unitvalue of the first network device is different from the maximumtransmission unit value of the second network device.

In example implementation, the processing unit 502 is further configuredto generate alarm information. The alarm information is used to indicatethat there is the fault that the connection between the first networkdevice and the second network device cannot be established.

In example implementation, the processing unit 502 is further configuredto generate information about adjusting a maximum transmission unitvalue if the maximum transmission unit values of the first networkdevice and the second network device do not meet the IGP connectionestablishment rule, and the maximum transmission unit value of the firstnetwork device or the second network device is less than a maximumtransmission unit threshold. The information about adjusting a maximumtransmission unit value is used to instruct an administrator to adjustthe maximum transmission unit value of the first network device or thesecond network device.

In example implementation, the first message and the second message arelink state database information, and the link state packet databaseinformation includes at least one link state packet.

The processing unit 502 is further configured to: if at least one linkstate packet included in the first packet is inconsistent with at leastone link state packet included in the second packet, determine that thefirst packet and the second packet do not meet the packet rule.

In example implementation, the processing unit 502 is specificallyconfigured to determine that there is a route learning fault. The routelearning fault is that route learning of the first network device or thesecond network device fails.

If the at least one link state packet included in the first packet doesnot match the at least one link state packet included in the secondpacket, the processing unit 502 is specifically configured to determinethat a fault cause of the route learning fault is that a routing prefixsent by the first network device or the second network device isincorrect.

If the at least one link state packet included in the first packet doesnot include the at least one link state packet included in the secondpacket, or the at least one link state packet included in the secondpacket does not include the at least one link state packet included inthe first packet, the processing unit 502 is specifically configured todetermine that a fault cause of the route learning fault is that a linkstate packet received by the first network device or the second networkdevice is incorrect.

In example implementation, the processing unit 502 is further configuredto generate alarm information. The alarm information is used to indicatethat there is the route learning fault.

In example implementation, the processing unit 502 is further configuredto configure a first IP address used to establish an IGP monitoringprotocol session and a TCP port number.

The transceiver unit 501 is further configured to receive a TCPconnection establishment request from the first network device by usingthe TCP port number. The TCP connection establishment request includes asecond IP address that is used to establish the IGP monitoring protocolsession and that is configured by the first network device.

The processing unit 502 is further configured to establish the first IGPmonitoring protocol session.

The centralized management apparatus 50 may implement a function of thecentralized management apparatus in the foregoing method embodiment. Fordetailed processes performed by the units in the centralized managementapparatus 50, refer to the steps performed by the centralized managementapparatus in the foregoing method embodiment. Details are not describedherein again.

FIG. 8 a is a simplified schematic diagram of a centralized entitystructure of a centralized management apparatus according to anembodiment of this application. The centralized management apparatus 60a includes a transceiver 601 a, a processor 602 a, and a memory 603 a.

The transceiver 601 a, the processor 602 a, and the memory 603 a may beconnected to each other by using a bus 604 a, or may be connected toeach other in another manner. A related function implemented by thetransceiver unit 501 shown in FIG. 7 may be implemented by thetransceiver 601 a. A related function implemented by the processing unit502 shown in FIG. 7 may be implemented by the processor 602 a.

The transceiver 601 a is configured to: send data and/or signaling, andreceive data and/or signaling. In this embodiment of this application,the transceiver 601 a is configured to receive a packet, datainformation, and the like, for example, perform step S202 and step S204in the embodiment shown in FIG. 2 .

The processor 602 a may include one or more processors, for example,include one or more central processing units (CPU). When the processor602 a is a CPU, the CPU may be a single-core CPU or a multi-core CPU. Inthis embodiment of this application, the processor 602 a is configuredto perform related content of packet processing in the foregoing methodembodiment, for example, perform step S205 in the embodiment shown inFIG. 2 .

The memory 603 a includes but is not limited to a random access memory(RAM), a read-only memory (ROM), an erasable programmable read-onlymemory (EPROM), or a compact disc read-only memory (CD-ROM). The memory603 a is configured to store a related instruction and data. The memory603 a is configured to store program code and data that are of thecentralized management apparatus 60 a.

FIG. 8 b is a simplified schematic diagram of a distributed entitystructure of a centralized management apparatus according to anembodiment of this application. The centralized management apparatus 60b includes a main control board 601 b and an interface board 602 b.

The main control board 601 b includes a processor 6011 b and a memory6012 b. In this embodiment of this application, the main control board601 b is configured to process a packet, for example, perform step S205in the embodiment shown in FIG. 2 . The packet may be specificallyprocessed by the processor 6011 b. The memory 6012 b stores a relatedinstruction and data that are used by the processor 6011 b to processthe packet.

The interface board 602 b includes a processor 6021 b, a memory 6022 b,and an interface card 6023 b. In this embodiment of this application,the interface board 602 b is configured to receive a packet, forexample, perform step S202 and step S204 in the embodiment shown in FIG.2 . The packet may be specifically received by the interface card 6023b. The processor 6021 b is configured to control the interface card 6023b to receive the packet. The memory 6022 b stores a related instructionand data that are used by the processor 6021 b to control the interfacecard 6023 b to receive the packet.

It may be understood that FIG. 8 a and FIG. 8 b merely show simplifieddesigns of the centralized management apparatus. In actual application,the centralized management apparatus may further include other necessarycomponents, including but not limited to any quantity of transceivers,processors, controllers, memories, communications units, and the like.All apparatuses that can implement this application fall within theprotection scope of this application.

It should be noted that the centralized management apparatus shown inFIG. 7 , FIG. 8 a , or FIG. 8 b may be a router or a switch independentof an IGP domain, or may be a function module integrated into the routeror the switch.

FIG. 9 is a schematic diagram of a logical structure of a first networkdevice according to an embodiment of this application. The first networkdevice 70 may include a processing unit 701 and a transceiver unit 702.

The processing unit 701 is configured to encapsulate a message by usingan IGP monitoring protocol, to obtain a packet. The message is a messagesent by the first network device to a second network device.

The transceiver unit 702 is configured to send the packet to acentralized management apparatus by using an IGP monitoring protocolsession.

It should be noted that the processing unit 701 is configured to performstep S201 in the embodiment shown in FIG. 2 , and the transceiver unit702 is configured to perform step S202 in the embodiment shown in FIG. 2. For details, refer to the specific descriptions in the embodimentshown in FIG. 2 . The details are not described herein again.

In example implementation, the processing unit 701 is further configuredto configure a second IP address used to establish the IGP monitoringprotocol session, and a first IP address used to establish the IGPmonitoring protocol session and a TCP port number that are configured bythe centralized management apparatus.

The transceiver unit 702 is further configured to send a TCP connectionestablishment request to the centralized management apparatus by usingthe TCP port number. The TCP connection establishment request includesthe second IP address, and the TCP connection establishment request isused to establish the IGP monitoring protocol session.

The first network device 70 may implement a function of the firstnetwork device in the foregoing method embodiment. For detailedprocesses performed by the units in the first network device 70, referto the steps performed by the first network device in the foregoingmethod embodiment. Details are not described herein again.

FIG. 10 is a simplified schematic diagram of an entity structure of afirst network device according to an embodiment of this application. Thefirst network device 80 includes a transceiver 801, a processor 802, anda memory 803. The transceiver 801, the processor 802, and the memory 803may be connected to each other by using a bus 804, or may be connectedto each other in another manner. A related function implemented by theprocessing unit 701 shown in FIG. 9 may be implemented by the processor802. A related function implemented by the transceiver unit 702 shown inFIG. 9 may be implemented by the transceiver 801.

The transceiver 801 is configured to: send data and/or signaling, andreceive data and/or signaling. In this embodiment of this application,the transceiver 801 is configured to send a packet, data information,and the like, for example, perform step S202 in the embodiment shown inFIG. 2 .

The processor 802 may include one or more processors, for example,include one or more CPUs. When the processor 802 is a CPU, the CPU maybe a single-core CPU or a multi-core CPU. In this embodiment of thisapplication, the processor 802 is configured to perform step S201 in theembodiment shown in FIG. 2 .

The memory 803 includes but is not limited to a RAM, a ROM, an EPROM, ora CD-ROM. The memory 803 is configured to store a related instructionand data. The memory 803 is configured to store program code and datathat are of the first network device 80.

It may be understood that FIG. 10 merely shows a simplified design ofthe first network device. In actual application, the first networkdevice may further include other necessary components, including but notlimited to any quantity of transceivers, processors, controllers,memories, communications units, and the like. All apparatuses that canimplement this application fall within the protection scope of thisapplication.

It should be noted that the first network device shown in FIG. 9 or FIG.10 may be any router in an IGP domain.

An embodiment of this application further provides a fault diagnosissystem, including a centralized management apparatus and at least twonetwork devices.

A person of ordinary skill in the art may understand that all or some ofthe procedures of the methods in the embodiments may be implemented by acomputer program instructing related hardware. The program may be storedin a computer readable storage medium. When the program is executed, theprocedures of the method embodiments may be included. The foregoingstorage medium includes any medium that can store program code such as aROM, a random access memory RAM, a magnetic disk, or an optical disc.Therefore, another embodiment of this application provides a computerreadable storage medium. The computer readable storage medium stores aninstruction. When the instruction is run on a computer, the computer isenabled to perform the methods in the foregoing aspects.

Another embodiment further provides a computer program product includingan instruction. When the computer program product is run on a computer,the computer is enabled to perform the methods in the foregoing aspects.

A person of ordinary skill in the art may be aware that units andalgorithm steps in the examples described with reference to theembodiments disclosed in this application can be implemented byelectronic hardware or a combination of computer software and electronichardware. Whether the functions are performed by hardware or softwaredepends on particular applications and design constraints of thetechnical solutions. A person skilled in the art may use differentmethods to implement the described functions for each particularapplication, but it should not be considered that the implementationgoes beyond the scope of this application.

It may be clearly understood by a person skilled in the art that for thepurpose of convenient and brief description, for a detailed workingprocess of the foregoing described system, apparatus, and unit,reference may be made to a corresponding process in the foregoing methodembodiments. Details are not described herein again.

In the several embodiments provided in this application, it should beunderstood that the disclosed system, apparatus, and method may beimplemented in another manner. For example, the foregoing describedapparatus embodiment is merely an example. For example, division intothe units is merely logical function division and may be other divisionin an actual implementation. For example, a plurality of units orcomponents may be combined or integrated into another system, or somefeatures may be ignored or not performed. In addition, the displayed ordiscussed mutual couplings or direct couplings or communicationconnections may be implemented by using some interfaces. The indirectcouplings or communication connections between the apparatuses or unitsmay be implemented in electronic, mechanical, or another form.

The units described as separate parts may or may not be physicallyseparate, and parts displayed as units may or may not be physical units,and may be located in one position, or may be distributed on a pluralityof network units. Some or all of the units may be selected based on anactual requirement to achieve the objectives of the solutions of theembodiments.

In addition, function units in the various embodiments may be integratedinto one processing unit, or each of the units may exist alonephysically, or two or more units are integrated into one unit.

All or some of the foregoing embodiments may be implemented by usingsoftware, hardware, firmware, or any combination thereof. When softwareis used to implement the embodiments, the embodiments may be implementedcompletely or partially in a form of a computer program product. Thecomputer program product includes one or more computer programinstructions. When the computer program instructions are loaded andexecuted on a computer, the procedures or functions according to theembodiments of the present invention are completely or partiallygenerated. The computer may be a general-purpose computer, a dedicatedcomputer, a computer network, or another programmable apparatus. Thecomputer instructions may be stored in a computer readable storagemedium, or may be transmitted by using a computer readable storagemedium. The computer instructions may be transmitted from a website,computer, server, or data center to another website, computer, server,or data center in a wired (for example, a coaxial cable, an opticalfiber, or a digital subscriber line (DSL)) or wireless (for example,infrared, radio, or microwave) manner. The computer readable storagemedium may be any usable medium accessible by a computer, or a datastorage device, such as a server or a data center, integrating one ormore usable media. The usable medium may be a magnetic medium (forexample, a floppy disk, a hard disk, or a magnetic tape), an opticalmedium (for example, a DVD), a semiconductor medium (for example, asolid state disk (SSD)), or the like.

What is claimed is:
 1. A method, comprising: receiving, by a centralizedmanagement apparatus, a first packet from a first network device througha first Interior Gateway Protocol monitoring protocol (IMP) session,wherein the first packet comprises a first link state database sent bythe first network device to a second network device; and storing, by thecentralized management apparatus, the first link state database.
 2. Themethod according to claim 1, wherein the method further comprises:receiving, by the centralized management apparatus, a second packet froma second network device through a second IMP session, wherein the secondpacket comprises a second link state database received by the secondnetwork device from the first network device; storing, by thecentralized management apparatus, the second link state database.
 3. Themethod according to claim 2, the method further comprising: performing,by the centralized management apparatus, a fault diagnosis according tothe first link state database and the second link state database.
 4. Themethod according to claim 1, wherein the first IMP session is based ontransmission control protocol (TCP).
 5. The method according to claim 1,wherein the first IMP session and the second IMP session have differentTCP ports.
 6. The method according to claim 1, wherein before receiving,by the centralized management apparatus, the first packet from the firstnetwork device through the first IGP monitoring protocol session, themethod further comprises: configuring, by the centralized managementapparatus, a first IP address configured to establish an IGP monitoringprotocol session and a transmission control protocol (TCP) port number;receiving, by the centralized management apparatus, a TCP connectionestablishment request from the first network device by using the TCPport number, wherein the TCP connection establishment request comprisesa second IP address that is used to establish the IGP monitoringprotocol session and that is configured by the first network device; andestablishing, by the centralized management apparatus, the first IGPmonitoring protocol session.
 7. A method, comprising: generating, by afirst network device, a packet comprising a first link state databasesent by the first network device to a second network device; sending, bythe first network device, the packet to a centralized managementapparatus through an IGP monitoring protocol session (IMP).
 8. Themethod according to claim 7, wherein the first IMP session is based ontransmission control protocol (TCP).
 9. The method according to claim 7,wherein the method further comprises: configuring, by the first networkdevice, a first IP address used to establish the IMP session, and asecond IP address used to establish the IMP session and a TCP portnumber that are configured by the centralized management apparatus; andsending, by the first network device, a TCP connection establishmentrequest to the centralized management apparatus by using the TCP portnumber, wherein the TCP connection establishment request comprises thefirst IP address, and the TCP connection establishment request is usedto establish the IGP monitoring protocol session.
 10. A centralizedmanagement apparatus, comprising: at least one processor; and one ormore memories coupled to the at least one processor and storinginstructions for execution by the at least one processor, theinstructions instruct the at least one processor to cause thecentralized management apparatus to: receive a first packet from a firstnetwork device through a first Interior Gateway Protocol monitoringprotocol (IMP) session, wherein the first packet comprises a first linkstate database sent by the first network device to the second networkdevice; and store, by the centralized management apparatus, the firstlink state database.
 11. The method according to claim 10, wherein theinstructions further instruct the at least one processor to cause thecentralized management apparatus to: receive a second packet from asecond network device through a second IMP session, wherein the secondpacket comprises a second link state database received by the secondnetwork device from the first network device; and store the second linkstate database.
 12. The method according to claim 11, wherein theinstructions further instruct the at least one processor to cause thecentralized management apparatus to: perform a fault diagnosis accordingto the first link state database and the second link state database. 13.The method according to claim 10, wherein the first IMP session is basedon transmission control protocol (TCP).
 14. The method according toclaim 10, wherein the first IMP session and the second IMP session havedifferent TCP ports.
 15. The apparatus according to claim 10, whereinthe instructions further instruct the at least one processor to causethe centralized management apparatus to: configure a first IP addressused to establish an IGP monitoring protocol session and a TCP portnumber; receive a TCP connection establishment request from the firstnetwork device by using the TCP port number, wherein the TCP connectionestablishment request comprises a second IP address that is used toestablish the IGP monitoring protocol session and that is configured bythe first network device; and establish the first IGP monitoringprotocol session.
 16. A first network device, comprising: at least oneprocessor; and one or more memories coupled to the at least oneprocessor and storing instructions for execution by the at least oneprocessor, the instructions instruct the at least one processor to causethe first network device to: generate a packet, wherein the packetcomprises a first link state database sent by the first network deviceto a second network device; and send the packet to a centralizedmanagement apparatus through an IGP monitoring protocol session (IMP).